GitLab issues patch for high severity account takeover vulnerability

0
11

GitLab has released patches for seven vulnerabilities, including a high-severity flaw that allowed threat actors to take over people’s accounts.

The highlight of the security advisory is an XSS weakness in the VS code editor (Web IDE), that threat actors can exploit via malicious pages. Although the attackers can abuse the flaw without authentication, the bug still requires victim interaction, making abusing the bug somewhat more complex.

LEAVE A REPLY

Please enter your comment!
Please enter your name here